Conquered a new frontier of resilience
Situation
Over the years, the company had already made significant investments in the Hw/Sw of information systems with periodic renewal of operating procedures. The progressive expansion of the technological boundary (4.0, IoT, Cloud, Extranet, Network, Erp-Windows environment integrations) and the more frequent interaction in smart working made it necessary to proactively raise security standards, data and information protection.
Challenge and Actions
Various risk mitigation strategies were implemented with markedly increased levels of security controls: access, pw, log. In combination with more frequent monitoring, refinements of compliance aspects were implemented on the GDPR and Privacy front. In parallel with the technical measures, a strong focus was placed on organizational issues: access restrictions, data/document cleaning and updating, raising awareness of the most widespread risks, and making people responsible for data handling and processing.
Results
A clear leap in professional technical know-how on the subject. Increased awareness, more frequent and timely updates, ability to respond to incidents with multiple defenses, definition of better agreements with service providers, greater integration of individual technological aspects as well as data and documents.